From 8ea6e43d2f65acbfda614dbd4635823d7605b6d8 Mon Sep 17 00:00:00 2001
From: V3n3RiX
Date: Thu, 18 May 2023 10:12:16 +0100
Subject: gentoo auto-resync : 18:05:2023 - 10:12:16
---
 net-libs/Manifest.gz | Bin 32469 -> 32461 bytes
 net-libs/libsignal-protocol-c/Manifest | 3 +-
 ...libsignal-protocol-c-2.3.3-CVE-2022-48468.patch | 53 ++++++++
 .../libsignal-protocol-c-2.3.3-r1.ebuild | 18 +++
 .../libsignal-protocol-c-9999.ebuild | 14 --
 net-libs/pjproject/Manifest | 5 +-
 net-libs/pjproject/pjproject-2.12.1-r2.ebuild | 144 ---------------------
 net-libs/pjproject/pjproject-2.13-r1.ebuild | 142 --------------------
 net-libs/pjproject/pjproject-2.13-r2.ebuild | 142 ++++++++++++++++++++
 net-libs/pjproject/pjproject-2.13.ebuild | 139 --------------------
 10 files changed, 216 insertions(+), 444 deletions(-)
 create mode 100644 net-libs/libsignal-protocol-c/files/libsignal-protocol-c-2.3.3-CVE-2022-48468.patch
 create mode 100644 net-libs/libsignal-protocol-c/libsignal-protocol-c-2.3.3-r1.ebuild
 delete mode 100644 net-libs/libsignal-protocol-c/libsignal-protocol-c-9999.ebuild
 delete mode 100644 net-libs/pjproject/pjproject-2.12.1-r2.ebuild
 delete mode 100644 net-libs/pjproject/pjproject-2.13-r1.ebuild
 create mode 100644 net-libs/pjproject/pjproject-2.13-r2.ebuild
 delete mode 100644 net-libs/pjproject/pjproject-2.13.ebuild
 (limited to 'net-libs')
diff --git a/net-libs/Manifest.gz b/net-libs/Manifest.gz
index a445b7349712..60780f4c2750 100644
Binary files a/net-libs/Manifest.gz and b/net-libs/Manifest.gz differ
diff --git a/net-libs/libsignal-protocol-c/Manifest b/net-libs/libsignal-protocol-c/Manifest
index 5f94a23f658c..28cf908b1f63 100644
--- a/net-libs/libsignal-protocol-c/Manifest
+++ b/net-libs/libsignal-protocol-c/Manifest
@@ -1,4 +1,5 @@
+AUX libsignal-protocol-c-2.3.3-CVE-2022-48468.patch 1931 BLAKE2B 1e76d3bc4d4abad0440f3043475949de0d6bac7978f090e4b500c945ad93cfd400d363a7d81732dceb2853ad18da3d10d57e81e6daf2f0155a8fd9790cd21e9d SHA512 9e62354dc98ac8292df8485a1e6861867372d1625d49400fbb6503f1f34e3824f48c1e80d0bc9ec7878c4b341dabcdbc35acd740d21b59d67e13a0be403cbe32
 DIST libsignal-protocol-c-2.3.3.tar.gz 272073 BLAKE2B 86f31ed8a18bfc1ea80c45ffaf983611d353616d418f308711665aae287ff86697f7586f20f2c52ac028f9e5ad8b6d39c80876b263654c620a541812917b4f44 SHA512 19d892e13fac32022658de5eaf1db8cec3226f5f3f37a4c1c33bfa9653126ecbc6350a1ab5624025f909803c2277b86321dbea7f64e9932883cae57b65f58112
+EBUILD libsignal-protocol-c-2.3.3-r1.ebuild 448 BLAKE2B 5d7f5bbae4c2d36fae47f57b9ff3f2af04ae7a93fcbf2368b9d34f3769b73df1b5565a02c387d07fe0b6e88451dc73d2d597d661f30e49f194faff07e79a97e6 SHA512 80b935e6a3a58a32dd727e5e45c003821d39e68a3a0469a48a905021f0e0df6c275e5e701b9019ac5020e53537958c75556a340c204e7a61f35c8ea04fe3aa35
 EBUILD libsignal-protocol-c-2.3.3.ebuild 346 BLAKE2B cfa3bb04e96f7fb558250e8c97da2dfcc5d066370aefd966e734303531e9527a8772365cfd593f904547f5d16ca98268f537fb14f45032fcf677f5fb4817dd3b SHA512 e1153a01732b51c103d8efc23ca49c2bc2292ed64d7d9fe04e8c65819a211a6f35f42e7b4ea971a503a5cc85c6803d45c2a828e266052ff6bbdc2df6d186c57a
-EBUILD libsignal-protocol-c-9999.ebuild 311 BLAKE2B 17b9baf64a60146c55a2b525493a265eb5070a20a31b4a0dffe24c86e8a720f60a47c06f09e4473dcb2585c0a6f612d2b4df4b47944e927afe84e8ce29ab668f SHA512 6443aef8035cdb162e1681e0547411a1a1e157fb994b89e3e06cc61ed8f01c62419e02a3108e38044688de604342ff48e59a779b3b163cd9984ce3bc3c594659
 MISC metadata.xml 659 BLAKE2B f4a2ca5360a22ee74952638cfe61ef8b2d3351c5838ba130b5344d2362f946b2bdda5b58b2ed887fa8c5d2425c3d431e9d954752e7c3c36e7f0ae4d66a5bf706 SHA512 681673e2b407848e5abefaeb39159e0fa950720d6dc47992a6d11cfd8bb4d121995d4b247789afebf953d327a632bbaceccdd862232dac7f256e0f787ee6da5e
diff --git a/net-libs/libsignal-protocol-c/files/libsignal-protocol-c-2.3.3-CVE-2022-48468.patch b/net-libs/libsignal-protocol-c/files/libsignal-protocol-c-2.3.3-CVE-2022-48468.patch
new file mode 100644
index 000000000000..8b3706dd8829
--- /dev/null
+++ b/net-libs/libsignal-protocol-c/files/libsignal-protocol-c-2.3.3-CVE-2022-48468.patch
@@ -0,0 +1,53 @@
+From 478dfe51552243b367cf2e9c5d047cbbd3c21635 Mon Sep 17 00:00:00 2001
+From: Randy Barlow
+Date: Fri, 18 Mar 2022 12:42:57 -0400
+Subject: [PATCH] CVE-2022-48468: unsigned integer overflow
+
+This commit combines two upstream commits from protobuf-c[0][1].
+The first fixes an unsigned integer overflow, and the second fixes a
+regression introduced by the first. I originally decided to amend the
+commit message of the first to mention that it fixes a CVE, but then I
+realized it would be better to bring the fix for the regression together
+with it.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48468
+https://bugzilla.redhat.com/show_bug.cgi?id=2186673
+
+[0]
+https://github.com/protobuf-c/protobuf-c/pull/513/commits/289f5c18b195aa43d46a619d1188709abbfa9c82
+[1]
+https://github.com/protobuf-c/protobuf-c/pull/513/commits/0d1fd124a4e0a07b524989f6e64410ff648fba61
+
+Co-authored-by: 10054172
+Co-authored-by: "Todd C. Miller"
+Signed-off-by: 10054172
+Signed-off-by: Randy Barlow
+---
+ src/protobuf-c/protobuf-c.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/src/protobuf-c/protobuf-c.c b/src/protobuf-c/protobuf-c.c
+index 4f2f5bc..6ae5287 100644
+--- a/src/protobuf-c/protobuf-c.c
++++ b/src/protobuf-c/protobuf-c.c
+@@ -2456,10 +2456,13 @@ parse_required_member(ScannedMember *scanned_member,
+ return FALSE;
+
+ def_mess = scanned_member->field->default_value;
+- subm = protobuf_c_message_unpack(scanned_member->field->descriptor,
+- allocator,
+- len - pref_len,
+- data + pref_len);
++ if (len >= pref_len)
++ subm = protobuf_c_message_unpack(scanned_member->field->descriptor,
++ allocator,
++ len - pref_len,
++ data + pref_len);
++ else
++ subm = NULL;
+
+ if (maybe_clear &&
+ *pmessage != NULL &&
+--
+2.39.2
+
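Review bot: The added `if (len >= pref_len)` / `else subm = NULL;` pair in parse_required_member is left unbraced around a four-line call and carries no comment saying which input it rejects. Because `len - pref_len` is the size passed to protobuf_c_message_unpack, a field whose length is shorter than its prefix would wrap that subtraction (the unsigned overflow named in the patch subject), and that is worth stating at the guard: `/* Malformed field: len < pref_len would make len - pref_len wrap; treat it as an unpack failure. */`. Bracing both arms would keep a later edit from detaching the `else` from the call. The function body starts and ends outside the hunk, so whether the `maybe_clear` branch that follows copes with `subm == NULL` cannot be confirmed from these lines and should be checked against the full file.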
diff --git a/net-libs/libsignal-protocol-c/libsignal-protocol-c-2.3.3-r1.ebuild b/net-libs/libsignal-protocol-c/libsignal-protocol-c-2.3.3-r1.ebuild
new file mode 100644
index 000000000000..894d6fc41d30
--- /dev/null
+++ b/net-libs/libsignal-protocol-c/libsignal-protocol-c-2.3.3-r1.ebuild
@@ -0,0 +1,18 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake
+
+DESCRIPTION="Signal Protocol C Library"
+HOMEPAGE="https://signal.org/ https://github.com/signalapp/libsignal-protocol-c"
+SRC_URI="https://github.com/signalapp/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+KEYWORDS="~amd64 ~arm64 ~x86"
+
+LICENSE="GPL-3"
+SLOT="0"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.3.3-CVE-2022-48468.patch
+)
diff --git a/net-libs/libsignal-protocol-c/libsignal-protocol-c-9999.ebuild b/net-libs/libsignal-protocol-c/libsignal-protocol-c-9999.ebuild
deleted file mode 100644
index 07a69138ceed..000000000000
--- a/net-libs/libsignal-protocol-c/libsignal-protocol-c-9999.ebuild
+++ /dev/null
@@ -1,14 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit git-r3 cmake
-
-DESCRIPTION="Signal Protocol C Library"
-HOMEPAGE="https://www.whispersystems.org/"
-
-EGIT_REPO_URI="https://github.com/signalapp/libsignal-protocol-c"
-
-LICENSE="GPL-3"
-SLOT="0"
diff --git a/net-libs/pjproject/Manifest b/net-libs/pjproject/Manifest
index 69b9a858527b..41aeccf00e5a 100644
--- a/net-libs/pjproject/Manifest
+++ b/net-libs/pjproject/Manifest
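Review bot: The `PATCHES` array in the new 2.3.3-r1 ebuild has no comment saying that the patch fixes the bundled protobuf-c copy (`src/protobuf-c/protobuf-c.c`, per the patch's own diffstat) rather than libsignal code. A line such as `# CVE-2022-48468: fixes the bundled protobuf-c copy under src/protobuf-c` above the array would tell a later maintainer what the patch covers and when it can be dropped. The Manifest hunk for this package keeps `libsignal-protocol-c-2.3.3.ebuild` as a context line, so the unpatched revision appears to remain in the tree next to -r1. Removing it in the same change would keep the vulnerable build from being selected.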
@@ -7,9 +7,6 @@ AUX pjproject-2.12.1-r2-musl.patch 2941 BLAKE2B 58eab3d88a503e36fd1dee26593805e0
 AUX pjproject-2.13-r1-CVE-2022-23537-buffer-overread-on-STUN-error-decode.patch 2895 BLAKE2B 59aa55426eb7ffe90fdbecd5005bed3bfc8f72b4abadb2a48e5bc0c03205005fe73e76d6a4c4640a22c72c1f6f7e201bee29ee426788aa0dd3942d85ebaca1d1 SHA512 2556e9b69ed71324686ca32d7bf7312386ea433af984b929084c44d060989c4631de815f27ef64a7e4082b6a62686bdaf70cbac56df3f81165b2200177d2b95c
 AUX pjproject-2.13-r1-CVE-2022-23547-buffer-overread-on-STUN-decode.patch 1665 BLAKE2B 6351b770947a5487e8f1c59ab8ae09a9e8e7eb9c3ab25975e58e04349505b26af5a8917e4044f4d48c5d04001a3f276182328505e1976f829a6dab51e0fd0160 SHA512 a3bdf959f199db105eca701d0b8d9f1e6bce495436277670bad0b6cd60f4718b41e35bcad86f338b9b919de7121d5610af0d5a5f33fa48767b761fc2e4b515da
 AUX pjproject-2.13-r1-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new.patch 1662 BLAKE2B 48f4b7113ecd0b539b1a8449a3493dbd8459af70566867b5a1c70b794b2ca0136a496f45d24d97602787082cc8bf61c25138fcfe448115bf5215b329888df686 SHA512 de77f0d4f4a6dc2e57ab46727944191fc050fd423b659c26c9d4f4dd7f23ba7cc1d9a55fe63317caaf66b5ea58ac410997bae57a6d3ac28ab7cb6dde47ce9b15
-DIST pjproject-2.12.1.tar.gz 9660659 BLAKE2B d893f22d995c9570e4003f80adf15144cf39e09d5843a88e3a616a529a91164ec7b012ea66ede8d55bfe4ec0dc4eca7d230f07fc66f06dfafaea9d5ff72910fa SHA512 9087456024b8886e56660cebc45c7093b3b91cd6b08a3926fa2c0de452989ac84ceb4e27413c0311bde95f271341ee44d9681f81f83602a4e16151f1831d773b
 DIST pjproject-2.13.tar.gz 9744716 BLAKE2B 947fe076089b3cd0826a554db3cda9939e228b9e7bb5ed2d01242e44e5e5b0d9d2ddc52b378f141efb89fcbfbd628fcdff341e54bc3615280e23f30ea58daf56 SHA512 df184511d554e5f77ca1a551bdf6b22c4c8ae2b6ad61be0e7e459e2d7db50f496af66c37e080f178019a509ea25847e70a342ac48c820a6b9302b4cbf174c520
-EBUILD pjproject-2.12.1-r2.ebuild 4025 BLAKE2B cddb1dcd63188583805cf1148e4609afed9d0ccc678de9916a06581cb39df7003fe9a5566db18d9d7d3203ca93181803c10ee4ab86a96b2a17c70fa99c972493 SHA512
c41fddabe06fd84000f617520f50aec5550219d0c4d2616854d5fa9a68786f6078f9e893485ee9b6c225451ea00a117ffbea4818ff031579fb0b318b369671cb
-EBUILD pjproject-2.13-r1.ebuild 4029 BLAKE2B 9bca1bd2e8da9eda2f17391cc8d697cf8f6ddebb4a9de9c233f08d425e02d096480e784fd7effdf4ba0d5aacfb41274cb7166ed7b9846bd8966636caeef87f63 SHA512 49588cbef5dd70adb44593d1344d83c47a41cdc25dbc39c15522e2c48f1a2a00febe1d0422259344199e016eb685a4d49af6b5b02af531602297a6561ea439d2
-EBUILD pjproject-2.13.ebuild 3757 BLAKE2B 9d2e158bb348083c80ccd38375cd05369b784ffd5262c1105cf89bba1899cf71a5c984dff5148b54076a0736afea7e86dfb8630df5179b2a9287906c950d3789 SHA512 24fc4ef06f687b5462ea31a7bacef524457640ef04dce2a82b16929de0ebbaebd054bd356035f9e500c423d130cdfe92cf0e480f9f9d0c3d901fd1c114c6670b
+EBUILD pjproject-2.13-r2.ebuild 4030 BLAKE2B 6eff6a7456727ffd6427b477f48291770aff6395fa69ba849e5106173c5de8768a11de75194b839053d803a659abbe40f089c79dd043c7f3b66d57f109876b70 SHA512 8c1c3f0014bf99173d2161a82dade22fdc29abfa0595f2f3948a59f7958f379af82feba4c6bd9fc4ee48b691b056d2e616b69c9a9f3f6ee718dfc457f8f08892
 MISC metadata.xml 1459 BLAKE2B e35f9c8621ea7c1c2670d90f69c341b53b20501ece6fcb41fefdec9f328a6c2b88f2f9d2fd2a77938b802fc74c36f2e3387cad3be7c9126767f28d32b42d19ed SHA512 498a94fb2bf3692b60c644e9d3e341761b20e8a4e0215e1c14c4444a199f9abb085f3421e143e7b944bac54a4f774c0b47af76c6fae5fc2cda4da13d1781a9b0
diff --git a/net-libs/pjproject/pjproject-2.12.1-r2.ebuild b/net-libs/pjproject/pjproject-2.12.1-r2.ebuild
deleted file mode 100644
index 5d6d6c7a9b1f..000000000000
--- a/net-libs/pjproject/pjproject-2.12.1-r2.ebuild
+++ /dev/null
@@ -1,144 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 -# TODO: Figure out a way to disable SRTP from pjproject entirely. -EAPI=8 - -inherit autotools flag-o-matic toolchain-funcs - -DESCRIPTION="Open source SIP, Media, and NAT Traversal Library" -HOMEPAGE="https://www.pjsip.org/" -SRC_URI="https://github.com/pjsip/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" -KEYWORDS="amd64 ~arm ~arm64 ~ppc ~ppc64 x86" - -LICENSE="GPL-2" -SLOT="0/${PV}" - -# g729 not included due to special bcg729 handling. -CODEC_FLAGS="g711 g722 g7221 gsm ilbc speex l16" -VIDEO_FLAGS="sdl ffmpeg v4l2 openh264 libyuv vpx" -SOUND_FLAGS="alsa portaudio" -IUSE="amr debug epoll examples opus resample silk ssl static-libs webrtc - ${CODEC_FLAGS} g729 - ${VIDEO_FLAGS} - ${SOUND_FLAGS}" - -RDEPEND=">=net-libs/libsrtp-2.3.0:= - alsa? ( media-libs/alsa-lib ) - amr? ( media-libs/opencore-amr ) - ffmpeg? ( media-video/ffmpeg:= ) - g729? ( media-libs/bcg729 ) - gsm? ( media-sound/gsm ) - ilbc? ( media-libs/libilbc ) - openh264? ( media-libs/openh264 ) - opus? ( media-libs/opus ) - portaudio? ( media-libs/portaudio ) - resample? ( media-libs/libsamplerate ) - sdl? ( media-libs/libsdl ) - speex? ( - media-libs/speex - media-libs/speexdsp - ) - ssl? ( -